Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9144F59/4B958BCE00CB11E8BEB1EF10C4F9AE02/84608B7471ED11EC946B1F51C4F9AE02.roa
File:                     84608B7471ED11EC946B1F51C4F9AE02.roa (raw, json)
Hash identifier:          9R6voXRDPRLh3bAqqJbMyhU3DbRPBYbBnYXWg54NxlY=
Subject key identifier:   FE:46:16:DE:C0:81:7B:69:8A:C7:4D:B4:E2:EB:D1:53:CD:94:42:59
Certificate issuer:       /CN=A9144F59/serialNumber=C7B2647350380A6A34E34E32CEFE3519937E97C8
Certificate serial:       156B
Authority key identifier: C7:B2:64:73:50:38:0A:6A:34:E3:4E:32:CE:FE:35:19:93:7E:97:C8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x7Jkc1A4Cmo0404yzv41GZN-l8g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9144F59/4B958BCE00CB11E8BEB1EF10C4F9AE02/84608B7471ED11EC946B1F51C4F9AE02.roa
Signing time:             Tue 15 Aug 2023 08:30:07 +0000
ROA not before:           Tue 15 Aug 2023 08:30:07 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     55821
IP address blocks:        27.126.152.0/22 maxlen: 22
                          27.126.152.0/24 maxlen: 24
                          27.126.153.0/24 maxlen: 24
                          27.126.154.0/24 maxlen: 24
                          27.126.155.0/24 maxlen: 24
                          45.114.132.0/22 maxlen: 22
                          45.114.132.0/24 maxlen: 24
                          45.114.133.0/24 maxlen: 24
                          45.114.134.0/24 maxlen: 24
                          45.114.135.0/24 maxlen: 24
                          103.5.4.0/22 maxlen: 22
                          103.5.4.0/24 maxlen: 24
                          103.5.5.0/24 maxlen: 24
                          103.5.6.0/24 maxlen: 24
                          103.5.7.0/24 maxlen: 24
                          103.16.168.0/22 maxlen: 22
                          103.16.168.0/24 maxlen: 24
                          103.16.169.0/24 maxlen: 24
                          103.16.170.0/24 maxlen: 24
                          103.16.171.0/24 maxlen: 24
                          103.54.84.0/22 maxlen: 22
                          103.54.84.0/24 maxlen: 24
                          103.54.85.0/24 maxlen: 24
                          103.54.86.0/24 maxlen: 24
                          103.54.87.0/24 maxlen: 24
                          110.235.128.0/18 maxlen: 22
                          110.235.132.0/24 maxlen: 24
                          110.235.143.0/24 maxlen: 24
                          203.96.180.0/22 maxlen: 22
                          203.96.180.0/24 maxlen: 24
                          203.96.181.0/24 maxlen: 24
                          203.96.182.0/24 maxlen: 24
                          2400:6a80::/32 maxlen: 32
                          2400:6a80:1::/48 maxlen: 48
                          2400:6a80:8000::/34 maxlen: 40
                          2400:6a80:c000::/34 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5483 (0x156b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9144F59/serialNumber=C7B2647350380A6A34E34E32CEFE3519937E97C8
        Validity
            Not Before: Aug 15 08:30:07 2023 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=64db378f-a70a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:51:97:c9:25:6f:95:dd:65:b6:fc:32:47:d0:
                    5e:a1:bc:be:f5:d7:45:40:57:3d:e9:99:78:da:ff:
                    03:95:9d:b1:ee:26:63:cd:f0:d1:ad:bd:c6:6f:e4:
                    94:65:59:c6:52:6c:71:d3:50:19:35:2b:df:fc:9d:
                    f1:f6:91:b6:6a:68:28:7c:fe:f9:09:ab:6f:15:83:
                    87:ab:6e:97:fa:6c:49:40:e6:54:8a:06:96:64:2a:
                    7a:ca:dc:65:2f:27:0e:5b:90:ee:ee:ef:83:91:37:
                    01:c0:27:3c:b9:42:e1:b8:e4:a9:fb:06:bd:5f:dc:
                    cc:06:02:44:08:c1:9f:fb:cf:18:a4:f2:20:76:88:
                    f8:41:d0:f3:51:54:f9:6a:ca:d4:ce:80:25:97:cf:
                    29:80:bb:63:2b:65:5d:ea:92:6a:3f:99:21:f0:6c:
                    09:6f:c4:49:f5:a7:97:52:bf:a7:ff:d1:87:0a:dc:
                    70:71:71:7c:8d:f4:6a:46:6f:f4:65:fa:88:ce:51:
                    b7:12:e4:18:87:11:ff:af:a1:17:e8:26:2e:1c:35:
                    83:8c:05:36:c1:21:f5:35:50:b7:64:a8:91:52:64:
                    f2:90:04:15:25:f3:aa:ee:51:67:b3:1b:c8:4a:9b:
                    30:f6:b0:fe:5c:f9:b4:c7:9a:5a:eb:c7:9f:68:6e:
                    80:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:46:16:DE:C0:81:7B:69:8A:C7:4D:B4:E2:EB:D1:53:CD:94:42:59
            X509v3 Authority Key Identifier:
                keyid:C7:B2:64:73:50:38:0A:6A:34:E3:4E:32:CE:FE:35:19:93:7E:97:C8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9144F59/4B958BCE00CB11E8BEB1EF10C4F9AE02/x7Jkc1A4Cmo0404yzv41GZN-l8g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x7Jkc1A4Cmo0404yzv41GZN-l8g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144F59/4B958BCE00CB11E8BEB1EF10C4F9AE02/84608B7471ED11EC946B1F51C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.126.152.0/22
                  45.114.132.0/22
                  103.5.4.0/22
                  103.16.168.0/22
                  103.54.84.0/22
                  110.235.128.0/18
                  203.96.180.0/22
                IPv6:
                  2400:6a80::/32

    Signature Algorithm: sha256WithRSAEncryption
         a4:95:4e:15:ea:e9:10:45:a1:dd:0f:b0:8f:2e:11:6a:c0:ce:
         29:3d:1c:b2:60:03:1a:b9:69:fa:36:ed:df:20:cc:f2:cf:2d:
         c9:bf:41:b5:e5:48:cb:6c:ee:4c:50:37:b6:02:d8:83:39:4d:
         a5:b1:37:4d:16:68:1a:8b:28:01:e7:63:eb:39:80:57:8b:92:
         69:15:e1:f7:ab:d5:fb:3c:8a:47:d7:6e:cb:89:8c:3b:95:c4:
         6a:3f:2d:08:0b:ec:76:3b:ab:7b:f0:65:cf:c3:01:49:1e:74:
         38:7a:dc:d6:0a:be:9d:5c:16:d3:25:a1:32:53:c5:58:77:9c:
         95:42:dd:fd:a6:36:ea:50:2c:cb:d4:ec:1e:a0:3b:77:8d:2f:
         b5:c0:2e:9b:11:44:e7:20:e7:6e:0d:7e:02:13:65:4c:d9:ee:
         8b:50:0e:21:17:20:83:fa:f1:1f:bc:02:4b:c1:7b:34:1f:66:
         5e:d1:ec:35:9a:03:92:1b:9d:9d:57:c3:55:fc:ab:73:bc:f1:
         14:f7:88:bf:7f:94:09:7a:c8:a3:fe:96:25:4e:6c:0a:ca:a9:
         83:2b:0a:f3:b3:5c:fb:8c:4d:4b:08:ef:5d:2c:7b:ac:43:c5:
         d0:d7:cd:55:3b:41:74:7b:3a:5f:97:74:cd:ee:d2:ca:e4:86:
         71:ef:e0:ae
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICFWswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDRGNTkxMTAvBgNVBAUTKEM3QjI2NDczNTAzODBBNkEzNEUzNEUzMkNFRkUzNTE5
OTM3RTk3QzgwHhcNMjMwODE1MDgzMDA3WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRiMzc4Zi1hNzBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyVGXySVvld1ltvwyR9Beoby+9ddFQFc96Zl42v8DlZ2x7iZjzfDRrb3Gb+SU
ZVnGUmxx01AZNSvf/J3x9pG2amgofP75CatvFYOHq26X+mxJQOZUigaWZCp6ytxl
LycOW5Du7u+DkTcBwCc8uULhuOSp+wa9X9zMBgJECMGf+88YpPIgdoj4QdDzUVT5
asrUzoAll88pgLtjK2Vd6pJqP5kh8GwJb8RJ9aeXUr+n/9GHCtxwcXF8jfRqRm/0
ZfqIzlG3EuQYhxH/r6EX6CYuHDWDjAU2wSH1NVC3ZKiRUmTykAQVJfOq7lFnsxvI
Spsw9rD+XPm0x5pa68efaG6AuQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFP5GFt7A
gXtpisdNtOLr0VPNlEJZMB8GA1UdIwQYMBaAFMeyZHNQOApqNONOMs7+NRmTfpfI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NEY1OS80Qjk1OEJDRTAw
Q0IxMUU4QkVCMUVGMTBDNEY5QUUwMi94N0prYzFBNENtbzA0MDR5enY0MUdaTi1s
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3g3SmtjMUE0Q21vMDQwNHl6djQxR1pOLWw4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDRGNTkvNEI5NThCQ0UwMENCMTFFOEJFQjFFRjEwQzRGOUFFMDIvODQ2MDhCNzQ3
MUVEMTFFQzk0NkIxRjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAIbfpgDBAItcoQDBAJnBQQDBAJnEKgDBAJnNlQDBAZu64AD
BALLYLQwDQQCAAIwBwMFACQAaoAwDQYJKoZIhvcNAQELBQADggEBAKSVThXq6RBF
od0PsI8uEWrAzik9HLJgAxq5afo27d8gzPLPLcm/QbXlSMts7kxQN7YC2IM5TaWx
N00WaBqLKAHnY+s5gFeLkmkV4fer1fs8ikfXbsuJjDuVxGo/LQgL7HY7q3vwZc/D
AUkedDh63NYKvp1cFtMloTJTxVh3nJVC3f2mNupQLMvU7B6gO3eNL7XALpsRROcg
524NfgITZUzZ7otQDiEXIIP68R+8AkvBezQfZl7R7DWaA5IbnZ1Xw1X8q3O88RT3
iL9/lAl6yKP+liVObArKqYMrCvOzXPuMTUsI710se6xDxdDXzVU7QXR7Ol+XdM3u
0srkhnHv4K4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org